GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
430 advisories
Filter by severity
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow...
High
Unreviewed
CVE-2023-38433
was published
Jul 26, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High
Unreviewed
CVE-2023-34123
was published
Jul 13, 2023
A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High
Unreviewed
CVE-2022-47209
was published
Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded...
High
Unreviewed
CVE-2023-34473
was published
Jul 5, 2023
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded...
High
Unreviewed
CVE-2023-36623
was published
Jul 5, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code...
High
Unreviewed
CVE-2023-32274
was published
Jun 20, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN...
High
Unreviewed
CVE-2023-25187
was published
Jun 16, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to...
High
Unreviewed
CVE-2023-2637
was published
Jun 13, 2023
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker...
High
Unreviewed
CVE-2022-47617
was published
Jun 2, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2061
was published
Jun 2, 2023
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider...
High
Unreviewed
CVE-2023-28937
was published
Jun 1, 2023
ROZCOM client CWE-798: Use of Hard-coded Credentials
High
Unreviewed
CVE-2023-31184
was published
May 30, 2023
This vulnerability enables ssh access to minikube container using a default password.
High
Unreviewed
CVE-2023-1944
was published
May 24, 2023
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10...
High
Unreviewed
CVE-2023-27512
was published
May 23, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC...
High
Unreviewed
CVE-2023-26203
was published
May 4, 2023
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded...
High
Unreviewed
CVE-2022-41398
was published
Apr 28, 2023
The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte...
High
Unreviewed
CVE-2022-41399
was published
Apr 28, 2023
PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote...
High
Unreviewed
CVE-2022-45291
was published
Apr 25, 2023
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---...
High
Unreviewed
CVE-2022-37255
was published
Apr 16, 2023
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials...
High
Unreviewed
CVE-2023-22429
was published
Apr 11, 2023
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the...
High
Unreviewed
CVE-2023-0391
was published
Mar 21, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet...
High
Unreviewed
CVE-2023-24147
was published
Feb 3, 2023
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application...
High
Unreviewed
CVE-2023-23132
was published
Feb 1, 2023
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege...
High
Unreviewed
CVE-2022-42973
was published
Feb 1, 2023
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an...
High
Unreviewed
CVE-2023-20038
was published
Jan 20, 2023
ProTip!
Advisories are also available from the
GraphQL API